NathanF

ESET Remote Administrator

Discussion created by NathanF on Nov 14, 2011
Latest reply on Nov 18, 2011 by NathanF

All events from ESET Smart Security, ESET NOD32 Antivirus and ESET server security solutions installed across the network are collected by ESET Remote Administrator, where events are summarized and forwarded to RSA enVision. Currently, all events from ThreatLog, FirewallLog and EventLog are supported. All information about malware detections, blocked communication, update problems or any other events reported by ESET products are immediately available directly in RSA enVision.

 

Release Date

What’s New In This Release

11/14/2011

Initial support for ESET Remote Administrator

04/06/2012

Support added for ESET v5 events and converted to Content 2.0

 

Note: Content 2.0 features substantial improvements to the parsing of event data into the various tables that are used for queries and reports. Content 2.0 is the future direction for all event sources within the supported library. For rules and reports, note the following:

-For factory reports, as existing event sources are converted to Content 2.0, their device-specific reports are updated to work with the new content. In some cases, class-specific reports have replaced device-specific reports.

-Factory correlated rules have been modified to take advantage of the improved tables, variables and parsing.

-Custom rules, that involve event sources updated to work with Content 2.0, need to be rewritten.

-Custom reports may not produce the same results as previously. For guidance on updating custom reports, see the RSA enVision Content Inspection Tool document and the online Help topics that describe the Content 2.0 tables

Attachments

Outcomes